Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Cloud Security Specialist Level II

AAC Inc

Cloud Security Specialist Level II

Bethesda, MD
Full Time
Paid
  • Responsibilities

    The responsibilities of the Cloud Security Engineer encompass collaborating with other DevOps and SysOps teams to transition public-facing, on-premise applications to the Cloud; securing the configuration management of the Cloud infrastructure; mitigating risks, and applying security controls to improve visibility and diagnostics in compliance with governing Federal requirements and security best practices.

    Developing and deploying infrastructure as a code scripts to implement and optimize security controls and mechanisms of a cloud infrastructure including initial and ongoing configuration of related automation and administration.

    Acting as the subject matter expert for cloud security and associated tools such as SIEM, access control mechanisms, IDS/IPS.

    Monitoring Cloud infrastructure and proactively mitigate potential incidents before service degradation occurs.

    Providing guidance to our DevOps teams developing on public Cloud platforms, advising on security standards for Cloud deployment, and working to identify common patterns for template provisioning.

    Conducting assessments of security controls for new and existing cloud systems; creating and maintaining as-built system documentation, architecture diagrams, and online collaborative documentation such as Wiki. Determining security modes of operation and recommending new or revised security measures and countermeasures for current security challenges.

    Required Skills Required Experience

    • Requires Bachelor’s degree in computer science, cyber security, engineering, or other related discipline.
    • Minimum of 7 years of experience of which at least 5 years must be in system administration and system security administration.
    • Additional specialized experience is required and includes:
      • Designing and implementing a Cloud security architecture
      • Creating and editing AWS Cloud Formation scripts
      • Securing and monitoring Kubernetes
      • Managing, and monitoring a centralized AWS logging architecture (Splunk experience is highly desirable)
      • Implementing security controls for cloud
      • Proficiency with SIEM and vulnerability management solutions.
      • Proficiency with TCP/IP/UDP ports and protocols, IDS/IPS, NACL/ACL/SG applications
    • Experience can be substituted for degree – no degree / 11 years, MS / 5 years.
    • Must have experience using common networking tools to aid in troubleshooting, including nmap, Wireshark, tcpdump, etc.
    • Must be proficient in one or more scripting languages such as Python, Perl, PowerShell, Bash, etc.
    • CISSP certification is required.
    • AWS Certified Security – Specialty, ISC2, or Cloud Security Alliance certifications are desired.
    • Must be able to obtain Level 2 Secret (ANACI) clearance